The output is a little cryptic but its not to bad. You can see the flow id we used of 252 and the u32 match for the ip address / netmask in hex.

If we ping 0xa010503 the IP address becomes easier to read:

ping 0x0a010503PING 0x0a010503 (10.1.5.3) 56(84) bytes of data.

You can delete a filter by referencing the 800::801 part.For example to delete the one we just created:

tc filter del dev eth0 parent 1: proto ip prio 1 handle 800::801 u32

RecapA Packet from 10.1.5.3/32 gets intercepted by our filter based on the u32 match.The filter sends the packet to the class matching the same flow id of 252The class assigns a speed of 5mbit which in turn passes it to the qdisc.The qdisc does its thing and the packet is delivered.

ConsiderationsTc will only support a Flow ID up to 9999This will only rate limit download speeds, which are packets to the user. I have not found a way to rate limit upload speeds, packets from the user.

ThoughtsYou can use this information to match on entire subnets.You can create multiple filters to point to the same class / flow idIn my server I track the Flow ID / IP Address in a database and I can then manage them easier via a webpage.

ConclusionThis is just a simple yet very powerful example of how to use HTB QoS.There are lots of options you can set on each command. This is just a quick guide to get you up and running. I would highly recomend reading up more on http://lartc.org

Let me know what you think or if you have any suggestions / corrections.